A computer security flaw of global magnitude, and a Spanish company has discovered it. Tarlogic Security, a Galician cybersecurity firm, has just presented the results of its investigation into a piece of hardware that is probably in your pocket right now.
It is a chip found in most of the devices that communicate with each other around the world every day. It is in your mobile phone, in the tablet on which you watch series and in the computer you use for work: a small but indispensable controller for the devices we rely on in our daily lives.
It is the ubiquitous ESP32 microchip, a microcontroller made by the Chinese manufacturer Espressif, with over one billion units sold as of 2023 according to Tarlogic. The part provides Wi-Fi and Bluetooth connectivity and is present in millions of IoT devices (the so-called "Internet of Things").
Attack
Spanish researchers Miguel Tarascó Acuña and Antonio Vázquez Blanco concluded that this chip contains a series of undocumented commands that could be used to carry out attacks, and they recently presented the finding at RootedCon 2025, the most important cybersecurity congress in the Spanish-speaking world, currently being held in Madrid.
"A chip that costs €2 can open the door to identity attacks against thousands of IoT devices," says the Galician company, which carried out a study in which it reviewed several Bluetooth devices using a method that standardizes how Bluetooth security audits are performed, and concluded that the functionality is "not documented by the manufacturer."
"During the investigation, hidden functionality was discovered in the ESP32 chip, which is used in millions of IoT devices and can be bought on the world's best-known e-commerce sites for €2." It is one of the key components, present in the vast majority of domestic Bluetooth IoT devices thanks to its low cost. In 2023, the manufacturer Espressif said in a statement that one billion units of the chip had been sold worldwide by then.
Spying on citizens
With this component, the Galician company warns, "malicious actors could use known tools to connect to mobile phones, computers and smart devices, even if they are not in connection mode. To what end? To obtain confidential information they have access to, stored personal and business conversations, and to spy on citizens and companies."
"Exploiting this functionality would allow hostile actors to carry out identity attacks and permanently infect sensitive equipment such as mobiles, computers, smart locks or medical equipment, bypassing code audit controls," Tarlogic says.
"The discovered commands allow impersonation of trusted devices, unauthorized access to data, pivoting to other devices on the network and, potentially, the installation of long-term persistence," the Galician company explains. "These commands would make it possible to modify the chips arbitrarily to unlock additional functionality, infect them with malicious code and carry out device identity attacks."
Clarification
At first, Tarlogic described the danger as a "backdoor"; it now describes it as "hidden functionality." The difference is that the former would be intentional and the latter not. And that is the point the Chinese manufacturer, Espressif, has stressed: it was forced to issue a statement to clarify its position, specifying that in this case it is not a backdoor.
Tarlogic itself has added this update to its investigation: "We want to clarify that it is more appropriate to call it a 'hidden feature / hidden functionality' rather than a 'backdoor', given the existence of proprietary HCI commands that allow operations such as reading and modifying memory in the ESP32 controller," the Galician company concludes.
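The distinction above rests on a detail worth understanding: the Bluetooth HCI specification reserves one opcode group (OGF 0x3F) for vendor-specific commands, and it is in that group that proprietary commands like the ones described live. An auditor reviewing HCI traffic from a device can therefore flag any command in that group for manual review against the vendor's documentation. The following is an added example written for this article, not code from Tarlogic or Espressif; it parses H4-framed HCI command packets and reports vendor-specific opcodes. The sample frames are constructed, and the vendor opcode 0xFC01 used in them is a placeholder in the vendor-specific group, not one of the opcodes from Tarlogic's research.

```python
"""Flag vendor-specific (proprietary) HCI commands in an H4-framed capture."""
from dataclasses import dataclass
from typing import List, Optional

H4_COMMAND_PACKET = 0x01      # H4 transport indicator for HCI command packets
OGF_VENDOR_SPECIFIC = 0x3F    # Opcode Group Field reserved for vendor commands


@dataclass
class HciCommand:
    opcode: int     # 16-bit opcode as sent on the wire
    ogf: int        # upper 6 bits of the opcode (Opcode Group Field)
    ocf: int        # lower 10 bits of the opcode (Opcode Command Field)
    params: bytes   # command parameters

    @property
    def vendor_specific(self) -> bool:
        return self.ogf == OGF_VENDOR_SPECIFIC


def parse_h4_command(frame: bytes) -> Optional[HciCommand]:
    """Parse one H4 frame; return None if it is not a well-formed HCI command."""
    if len(frame) < 4 or frame[0] != H4_COMMAND_PACKET:
        return None
    opcode = frame[1] | (frame[2] << 8)       # opcode is little-endian on the wire
    param_len = frame[3]
    params = frame[4:4 + param_len]
    if len(params) != param_len:              # truncated frame: do not trust it
        return None
    return HciCommand(opcode, opcode >> 10, opcode & 0x3FF, params)


def audit_frames(frames: List[bytes]) -> List[str]:
    """Return one human-readable finding per frame that deserves a reviewer's eye."""
    findings = []
    for idx, frame in enumerate(frames):
        cmd = parse_h4_command(frame)
        if cmd is None:
            findings.append(f"frame {idx}: malformed or non-command H4 frame, skipped")
            continue
        if cmd.vendor_specific:
            findings.append(
                f"frame {idx}: vendor-specific opcode 0x{cmd.opcode:04X} "
                f"(OCF 0x{cmd.ocf:03X}) params={cmd.params.hex()} "
                "-- not in the public HCI specification, check vendor documentation"
            )
    return findings


def vendor_opcodes(frames: List[bytes]) -> List[int]:
    """Distinct vendor-specific opcodes seen, in order of first appearance."""
    seen: List[int] = []
    for frame in frames:
        cmd = parse_h4_command(frame)
        if cmd and cmd.vendor_specific and cmd.opcode not in seen:
            seen.append(cmd.opcode)
    return seen


# Constructed sample capture (not real ESP32 traffic). Opcode 0xFC01 is a
# placeholder inside the vendor-specific group, not an opcode from Tarlogic's work.
SAMPLE_FRAMES = [
    bytes([0x01, 0x03, 0x0C, 0x00]),                          # HCI_Reset (OGF 0x03, OCF 0x003)
    bytes([0x01, 0x0C, 0x20, 0x02, 0x01, 0x00]),              # LE_Set_Scan_Enable (OGF 0x08)
    bytes([0x01, 0x01, 0xFC, 0x04, 0x00, 0x10, 0x00, 0x40]),  # placeholder vendor command
    bytes([0x01, 0x01, 0xFC, 0x10, 0xAA]),                    # truncated: claims 16 param bytes
]

if __name__ == "__main__":
    for line in audit_frames(SAMPLE_FRAMES):
        print(line)
```

Run against a real capture, the input would be the command packets exported from a host-side HCI sniffer such as btmon or Wireshark; the point of the script is that a standard stack's traffic should contain few or no OGF 0x3F commands, so each one that appears is worth matching against what the chip vendor actually documents.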
Be that as it may, the discovery shows that we use equipment every day whose internal workings we do not know. Now, in the midst of this technological war over personal data, the finding calls into question whether some of the devices that accompany us in our daily lives are really 100% safe.